From 05eeb6ea9a8f8ad4210010ec817de18d73dc5fd8 Mon Sep 17 00:00:00 2001 From: KelvinTegelaar Date: Thu, 8 Aug 2024 14:22:39 +0200 Subject: [PATCH] removes fuckup --- .../Public/Standards/Invoke-CIPPStandardAPConfig.ps1 | 6 ++---- .../CIPPCore/Public/Standards/Invoke-CIPPStandardAPESP.ps1 | 2 +- .../Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardAddDKIM.ps1 | 4 +--- .../Standards/Invoke-CIPPStandardAnonReportDisable.ps1 | 4 +--- .../Public/Standards/Invoke-CIPPStandardAntiPhishPolicy.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardAppDeploy.ps1 | 2 +- .../Standards/Invoke-CIPPStandardAtpPolicyForO365.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardAuditLog.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardAutoExpandArchive.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardBookings.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardBranding.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardCloudMessageRecall.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardConditionalAccess.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDelegateSentItems.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDeletedUserRentention.ps1 | 6 ++---- .../Invoke-CIPPStandardDisableAddShortcutsToOneDrive.ps1 | 6 ++---- ...Invoke-CIPPStandardDisableAdditionalStorageProviders.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisableAppCreation.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisableBasicAuthSMTP.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardDisableEmail.ps1 | 6 ++---- .../Invoke-CIPPStandardDisableExternalCalendarSharing.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisableGuestDirectory.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardDisableGuests.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisableM365GroupUsers.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisableOutlookAddins.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardDisableReshare.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardDisableSMS.ps1 | 6 ++---- .../Invoke-CIPPStandardDisableSecurityGroupUsers.ps1 | 6 ++---- .../Invoke-CIPPStandardDisableSelfServiceLicenses.ps1 | 6 ++---- .../Invoke-CIPPStandardDisableSharePointLegacyAuth.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisableSharedMailbox.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardDisableTNEF.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisableTenantCreation.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisableUserSiteCreate.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardDisableViva.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardDisableVoice.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardDisablex509Certificate.ps1 | 6 ++---- .../Invoke-CIPPStandardEXODisableAutoForwarding.ps1 | 6 ++---- .../Invoke-CIPPStandardEnableAppConsentRequests.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardEnableCustomerLockbox.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardEnableFIDO2.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardEnableHardwareOAuth.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardEnableLitigationHold.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardEnableMailTips.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardEnableMailboxAuditing.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardEnableOnlineArchiving.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardEnablePronouns.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardExConnector.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardExcludedfileExt.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardExternalMFATrusted.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardFocusedInbox.ps1 | 6 ++---- .../Invoke-CIPPStandardGlobalQuarantineNotifications.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardGroupTemplate.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardMailContacts.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardMalwareFilterPolicy.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardMessageExpiration.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardOauthConsent.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardOauthConsentLowSec.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardOutBoundSpamAlert.ps1 | 6 ++---- .../Invoke-CIPPStandardPWcompanionAppAllowedState.ps1 | 6 ++---- ...oke-CIPPStandardPWdisplayAppInformationRequiredState.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardPasswordExpireDisabled.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardPerUserMFA.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardPhishProtection.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardQuarantineRequestAlert.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardRotateDKIM.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardSPAzureB2B.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardSPDirectSharing.ps1 | 6 ++---- .../Invoke-CIPPStandardSPDisableLegacyWorkflows.ps1 | 6 ++---- .../Invoke-CIPPStandardSPDisallowInfectedFiles.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardSPEmailAttestation.ps1 | 6 ++---- .../Invoke-CIPPStandardSPExternalUserExpiration.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardSPSyncButtonState.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardSafeAttachmentPolicy.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardSafeLinksPolicy.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardSafeSendersDisable.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardSecurityDefaults.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardSendFromAlias.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardSendReceiveLimitTenant.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardShortenMeetings.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardSpamFilterPolicy.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardSpoofWarn.ps1 | 6 ++---- .../CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardTeamsEmailIntegration.ps1 | 6 ++---- .../Invoke-CIPPStandardTeamsExternalAccessPolicy.ps1 | 6 ++---- .../Invoke-CIPPStandardTeamsExternalFileSharing.ps1 | 6 ++---- .../Invoke-CIPPStandardTeamsFederationConfiguration.ps1 | 6 ++---- .../Invoke-CIPPStandardTeamsGlobalMeetingPolicy.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardTeamsMeetingsByDefault.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardTenantDefaultTimezone.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardTransportRuleTemplate.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardUndoOauth.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardUserSubmissions.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardallowOAuthTokens.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardallowOTPTokens.ps1 | 4 +--- .../Public/Standards/Invoke-CIPPStandardcalDefault.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandarddisableMacSync.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardintuneBrandingProfile.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardintuneDeviceReg.ps1 | 6 ++---- .../Invoke-CIPPStandardintuneDeviceRetirementDays.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 | 6 ++---- .../CIPPCore/Public/Standards/Invoke-CIPPStandardlaps.ps1 | 6 ++---- .../Standards/Invoke-CIPPStandardsharingCapability.ps1 | 6 ++---- .../Invoke-CIPPStandardsharingDomainRestriction.ps1 | 6 ++---- .../Public/Standards/Invoke-CIPPStandardunmanagedSync.ps1 | 6 ++---- 108 files changed, 211 insertions(+), 423 deletions(-) diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAPConfig.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAPConfig.ps1 index 8899742b0c4c..237d144108ec 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAPConfig.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAPConfig.ps1 @@ -4,10 +4,8 @@ function Invoke-CIPPStandardAPConfig { Internal #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'APConfig' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'APConfig' + If ($Settings.remediate -eq $true) { try { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAPESP.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAPESP.ps1 index 4dea8e06518b..1b5a07478d95 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAPESP.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAPESP.ps1 @@ -5,7 +5,7 @@ function Invoke-CIPPStandardAPESP { #> param($Tenant, $Settings) If ($Settings.remediate -eq $true) { - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'APESP' + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'APESP' if ($Rerun -eq $true) { exit 0 } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1 index 8cf5047d39f8..c60f21c24419 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardActivityBasedTimeout.ps1 @@ -31,10 +31,8 @@ function Invoke-CIPPStandardActivityBasedTimeout { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -API 'ActivityBasedTimeout' -Settings $Settings - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun -Type Standard -Tenant $Tenant -API 'ActivityBasedTimeout' -Settings $Settings + # Input validation if ([string]::IsNullOrWhiteSpace($Settings.timeout) -or $Settings.timeout -eq 'Select a value' ) { Write-LogMessage -API 'Standards' -tenant $tenant -message 'ActivityBasedTimeout: Invalid timeout parameter set' -sev Error diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAddDKIM.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAddDKIM.ps1 index a3db5706a801..dc19acf1b2c8 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAddDKIM.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAddDKIM.ps1 @@ -30,9 +30,7 @@ function Invoke-CIPPStandardAddDKIM { param($Tenant, $Settings) $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -API 'AddDKIM' -Settings $Settings - if ($Rerun -eq $true) { - exit 0 - } + $AllDomains = (New-GraphGetRequest -uri 'https://graph.microsoft.com/v1.0/domains?$top=999' -tenantid $Tenant | Where-Object { $_.supportedServices -contains 'Email' -or $_.id -like '*mail.onmicrosoft.com' }).id $DKIM = (New-ExoRequest -tenantid $tenant -cmdlet 'Get-DkimSigningConfig') | Select-Object Domain, Enabled, Status diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAnonReportDisable.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAnonReportDisable.ps1 index f149b48e5247..314d55a02797 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAnonReportDisable.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAnonReportDisable.ps1 @@ -28,9 +28,7 @@ function Invoke-CIPPStandardAnonReportDisable { param($Tenant, $Settings) $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -API 'allowOTPTokens' -Settings $Settings - if ($Rerun -eq $true) { - exit 0 - } + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/reportSettings' -tenantid $Tenant -AsApp $true If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAntiPhishPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAntiPhishPolicy.ps1 index e5abedf96dd1..f20908e8694b 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAntiPhishPolicy.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAntiPhishPolicy.ps1 @@ -48,10 +48,8 @@ function Invoke-CIPPStandardAntiPhishPolicy { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'AntiPhishPolicy' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'AntiPhishPolicy' + $PolicyName = 'Default Anti-Phishing Policy' $CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-AntiPhishPolicy' | diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAppDeploy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAppDeploy.ps1 index 2e122e307135..7bec89184ecf 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAppDeploy.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAppDeploy.ps1 @@ -30,7 +30,7 @@ function Invoke-CIPPStandardAppDeploy { param($Tenant, $Settings) If ($Settings.remediate -eq $true) { - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'AppDeploy' + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'AppDeploy' if ($Rerun -eq $true) { exit 0 } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAtpPolicyForO365.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAtpPolicyForO365.ps1 index cf68f3a54440..02f3a203d25f 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAtpPolicyForO365.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAtpPolicyForO365.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardAtpPolicyForO365 { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'AtpPolicyForO365' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'AtpPolicyForO365' + $CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-AtpPolicyForO365' | Select-Object EnableATPForSPOTeamsODB, EnableSafeDocs, AllowSafeDocsOpen diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAuditLog.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAuditLog.ps1 index 78a235377e6d..bec7d998175d 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAuditLog.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAuditLog.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardAuditLog { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'AuditLog' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'AuditLog' + Write-Host ($Settings | ConvertTo-Json) $AuditLogEnabled = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-AdminAuditLogConfig' -Select UnifiedAuditLogIngestionEnabled).UnifiedAuditLogIngestionEnabled diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutoExpandArchive.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutoExpandArchive.ps1 index c6e2e55e4d32..75d579d70947 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutoExpandArchive.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardAutoExpandArchive.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardAutoExpandArchive { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'AutoExpandArchive' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'AutoExpandArchive' + $CurrentState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').AutoExpandingArchiveEnabled If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBookings.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBookings.ps1 index 7a40a2e3e825..0cd8160912b0 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBookings.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBookings.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardBookings { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'Bookings' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'Bookings' + $CurrentState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').BookingsEnabled $WantedState = if ($Settings.state -eq 'true') { $true } else { $false } $StateIsCorrect = if ($CurrentState -eq $WantedState) { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBranding.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBranding.ps1 index 853e43d3fb0a..88a032d9662d 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBranding.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardBranding.ps1 @@ -33,10 +33,8 @@ function Invoke-CIPPStandardBranding { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'Branding' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'Branding' + $TenantId = Get-Tenants | Where-Object -Property defaultDomainName -EQ $Tenant try { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardCloudMessageRecall.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardCloudMessageRecall.ps1 index f6a6d05ccfaf..cdd36f68a8c0 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardCloudMessageRecall.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardCloudMessageRecall.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardCloudMessageRecall { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'CloudMessageRecall' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'CloudMessageRecall' + $CurrentState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').MessageRecallEnabled $WantedState = if ($Settings.state -eq 'true') { $true } else { $false } $StateIsCorrect = if ($CurrentState -eq $WantedState) { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccess.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccess.ps1 index 8b3aa69b240b..4cc680f25701 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccess.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardConditionalAccess.ps1 @@ -4,10 +4,8 @@ function Invoke-CIPPStandardConditionalAccess { Internal #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'ConditionalAccess' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'ConditionalAccess' + If ($Settings.remediate -eq $true) { $APINAME = 'Standards' diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDelegateSentItems.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDelegateSentItems.ps1 index 26976e930a51..0a50dd6bcc86 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDelegateSentItems.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDelegateSentItems.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDelegateSentItems { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -API 'DelegateSentItems' -Settings $Settings - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun -Type Standard -Tenant $Tenant -API 'DelegateSentItems' -Settings $Settings + $Mailboxes = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-Mailbox' -cmdParams @{ RecipientTypeDetails = @('UserMailbox', 'SharedMailbox') } | diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDeletedUserRentention.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDeletedUserRentention.ps1 index 5043fd65cba7..d1a9f6735da1 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDeletedUserRentention.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDeletedUserRentention.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardDeletedUserRentention { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DeletedUserRetention' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DeletedUserRetention' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true if ($Settings.report -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAddShortcutsToOneDrive.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAddShortcutsToOneDrive.ps1 index 8357fbe7b3ea..242335f7c64b 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAddShortcutsToOneDrive.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAddShortcutsToOneDrive.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardDisableAddShortcutsToOneDrive { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableAddShortcutsToOneDrive' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableAddShortcutsToOneDrive' + $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant | Select-Object _ObjectIdentity_, TenantFilter, DisableAddToOneDrive if ($Settings.report -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAdditionalStorageProviders.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAdditionalStorageProviders.ps1 index 26c17a48609b..945e19f0e649 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAdditionalStorageProviders.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAdditionalStorageProviders.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardDisableAdditionalStorageProviders { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableAdditionalStorageProviders' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableAdditionalStorageProviders' + $AdditionalStorageProvidersState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OwaMailboxPolicy' -cmdParams @{Identity = 'OwaMailboxPolicy-Default' } if ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAppCreation.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAppCreation.ps1 index 3f31f5d53130..a65602a9201c 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAppCreation.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableAppCreation.ps1 @@ -29,11 +29,9 @@ function Invoke-CIPPStandardDisableAppCreation { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableAppCreation' + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableAppCreation' + - if ($Rerun -eq $true) { - exit 0 - } $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy?$select=defaultUserRolePermissions' -tenantid $Tenant If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableBasicAuthSMTP.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableBasicAuthSMTP.ps1 index c9e88905d0e9..9d120e89d501 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableBasicAuthSMTP.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableBasicAuthSMTP.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableBasicAuthSMTP { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableBasicAuthSMTP' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableBasicAuthSMTP' + $CurrentInfo = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-TransportConfig' $SMTPusers = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-CASMailbox' -cmdParams @{ ResultSize = 'Unlimited' } | Where-Object { ($_.SmtpClientAuthenticationDisabled -eq $false) } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableEmail.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableEmail.ps1 index d6d075c025ee..7cc7a238583d 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableEmail.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableEmail.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableEmail { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableEmail' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableEmail' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/Email' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableExternalCalendarSharing.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableExternalCalendarSharing.ps1 index b479bac9f416..645317e6c9b5 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableExternalCalendarSharing.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableExternalCalendarSharing.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardDisableExternalCalendarSharing { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableExternalCalendarSharing' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableExternalCalendarSharing' + $CurrentInfo = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-SharingPolicy' | Where-Object { $_.Default -eq $true } if ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuestDirectory.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuestDirectory.ps1 index 605d070302fb..f05f6a06a123 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuestDirectory.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuestDirectory.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableGuestDirectory { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableGuestDirectory' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableGuestDirectory' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy' -tenantid $Tenant If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuests.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuests.ps1 index 5f23a86746a3..536c9a62c21f 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuests.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableGuests.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableGuests { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableGuests' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableGuests' + $Lookup = (Get-Date).AddDays(-90).ToUniversalTime().ToString('o') $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users?`$filter=(signInActivity/lastNonInteractiveSignInDateTime le $Lookup)&`$select=id,UserPrincipalName,signInActivity,mail,userType,accountEnabled" -scope 'https://graph.microsoft.com/.default' -tenantid $Tenant | Where-Object { $_.userType -EQ 'Guest' -and $_.AccountEnabled -EQ $true } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableM365GroupUsers.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableM365GroupUsers.ps1 index f9a2e14cb1bc..610f0fd51b58 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableM365GroupUsers.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableM365GroupUsers.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableM365GroupUsers { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableM365GroupUsers' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableM365GroupUsers' + $CurrentState = (New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/settings' -tenantid $tenant) | Where-Object -Property displayname -EQ 'Group.unified' If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableOutlookAddins.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableOutlookAddins.ps1 index b69a92a98f4f..5e423523c28c 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableOutlookAddins.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableOutlookAddins.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardDisableOutlookAddins { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableOutlookAddins' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableOutlookAddins' + $CurrentInfo = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-RoleAssignmentPolicy' | Where-Object { $_.IsDefault -eq $true } $Roles = @('My Custom Apps', 'My Marketplace Apps', 'My ReadWriteMailbox Apps') $RolesToRemove = foreach ($Role in $Roles) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableReshare.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableReshare.ps1 index 56f5346f8f92..51510e301b24 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableReshare.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableReshare.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardDisableReshare { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableReshare' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableReshare' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSMS.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSMS.ps1 index 1dcdb8ea9e02..6383fecb791a 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSMS.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSMS.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableSMS { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableSMS' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableSMS' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/SMS' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSecurityGroupUsers.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSecurityGroupUsers.ps1 index a748c28d4970..ee8774f79148 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSecurityGroupUsers.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSecurityGroupUsers.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableSecurityGroupUsers { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableSecurityGroupUsers' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableSecurityGroupUsers' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy' -tenantid $Tenant If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSelfServiceLicenses.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSelfServiceLicenses.ps1 index c4619e4eaf81..8c1e15175593 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSelfServiceLicenses.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSelfServiceLicenses.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardDisableSelfServiceLicenses { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableSelfServiceLicenses' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableSelfServiceLicenses' + #Write-LogMessage -API 'Standards' -tenant $tenant -message 'Self Service Licenses cannot be disabled' -sev Error try { $selfServiceItems = (New-GraphGETRequest -scope 'aeb86249-8ea3-49e2-900b-54cc8e308f85/.default' -uri 'https://licensing.m365.microsoft.com/v1.0/policies/AllowSelfServicePurchase/products' -tenantid $Tenant).items diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharePointLegacyAuth.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharePointLegacyAuth.ps1 index 520333f8cbb2..733fb3ad4ebd 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharePointLegacyAuth.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharePointLegacyAuth.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardDisableSharePointLegacyAuth { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableSharePointLegacyAuth' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableSharePointLegacyAuth' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings?$select=isLegacyAuthProtocolsEnabled' -tenantid $Tenant -AsApp $true If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharedMailbox.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharedMailbox.ps1 index cd34f9640d48..3726e76e38ab 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharedMailbox.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableSharedMailbox.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardDisableSharedMailbox { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableSharedMailbox' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableSharedMailbox' + $UserList = New-GraphGetRequest -uri 'https://graph.microsoft.com/v1.0/users?$top=999&$filter=accountEnabled eq true' -Tenantid $tenant -scope 'https://graph.microsoft.com/.default' $SharedMailboxList = (New-GraphGetRequest -uri "https://outlook.office365.com/adminapi/beta/$($Tenant)/Mailbox" -Tenantid $tenant -scope ExchangeOnline | Where-Object { $_.RecipientTypeDetails -EQ 'SharedMailbox' -or $_.RecipientTypeDetails -eq 'SchedulingMailbox' -and $_.UserPrincipalName -in $UserList.UserPrincipalName }) diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTNEF.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTNEF.ps1 index 6e68d41f0866..db5c618afb30 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTNEF.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTNEF.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableTNEF { #> param ($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableTNEF' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableTNEF' + $CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-RemoteDomain' -cmdParams @{Identity = 'Default' } if ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTenantCreation.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTenantCreation.ps1 index 678937b059dd..ae38e5485eb6 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTenantCreation.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableTenantCreation.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardDisableTenantCreation { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableTenantCreation' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableTenantCreation' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy' -tenantid $Tenant $State = $CurrentInfo.defaultUserRolePermissions.allowedToCreateTenants diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableUserSiteCreate.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableUserSiteCreate.ps1 index 1e12ee25a633..9956f0994f26 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableUserSiteCreate.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableUserSiteCreate.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableUserSiteCreate { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableUserSiteCreate' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableUserSiteCreate' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableViva.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableViva.ps1 index 5733c1f6b919..5a68798fa0d6 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableViva.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableViva.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableViva { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableViva' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableViva' + try { # TODO This does not work without Global Admin permissions for some reason. Throws an "EXCEPTION: Tenant admin role is required" error. -Bobby $CurrentSetting = New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/organization/$Tenant/settings/peopleInsights" -tenantid $Tenant -AsApp $true diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableVoice.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableVoice.ps1 index 0276b9aea334..1bc723402d89 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableVoice.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisableVoice.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisableVoice { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'DisableVoice' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'DisableVoice' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/Voice' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisablex509Certificate.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisablex509Certificate.ps1 index c25c26dd6f83..05fc92176eef 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisablex509Certificate.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardDisablex509Certificate.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardDisablex509Certificate { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'Disablex509Certificate' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'Disablex509Certificate' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/x509Certificate' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEXODisableAutoForwarding.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEXODisableAutoForwarding.ps1 index b9ddbfde776f..022f9234500d 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEXODisableAutoForwarding.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEXODisableAutoForwarding.ps1 @@ -31,10 +31,8 @@ function Invoke-CIPPStandardEXODisableAutoForwarding { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EXODisableAutoForwarding' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EXODisableAutoForwarding' + $CurrentInfo = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-HostedOutboundSpamFilterPolicy' -cmdparams @{Identity = 'Default' } -useSystemMailbox $true $StateIsCorrect = $CurrentInfo.AutoForwardingMode -eq 'Off' -or $CurrentInfo.AutoForwardingMode -eq 'Automatic' diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableAppConsentRequests.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableAppConsentRequests.ps1 index 53d9734f25f4..20e21b26d363 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableAppConsentRequests.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableAppConsentRequests.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardEnableAppConsentRequests { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnableAppConsentRequests' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnableAppConsentRequests' + $CurrentInfo = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/adminConsentRequestPolicy' -tenantid $Tenant If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableCustomerLockbox.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableCustomerLockbox.ps1 index c29fced6a76f..f57d4d9a311b 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableCustomerLockbox.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableCustomerLockbox.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardEnableCustomerLockbox { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnableCustomerLockbox' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnableCustomerLockbox' + $CustomerLockboxStatus = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').CustomerLockboxEnabled if ($Settings.remediate -eq $true) { Write-Host 'Time to remediate' diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableFIDO2.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableFIDO2.ps1 index 80cc57825a59..90e0685e616d 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableFIDO2.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableFIDO2.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardEnableFIDO2 { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnableFIDO2' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnableFIDO2' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/Fido2' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableHardwareOAuth.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableHardwareOAuth.ps1 index 50a12bdb2b11..0020b20bb622 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableHardwareOAuth.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableHardwareOAuth.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardEnableHardwareOAuth { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnableHardwareOAuth' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnableHardwareOAuth' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/HardwareOath' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableLitigationHold.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableLitigationHold.ps1 index 70d4f0ace6d8..684f6e68d420 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableLitigationHold.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableLitigationHold.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardEnableLitigationHold { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnableLitigationHold' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnableLitigationHold' + $MailboxesNoLitHold = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-Mailbox' -cmdparams @{ Filter = 'LitigationHoldEnabled -eq "False"' } | Where-Object { $_.PersistedCapabilities -contains 'BPOS_S_DlpAddOn' -or $_.PersistedCapabilities -contains 'BPOS_S_Enterprise' } If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableMailTips.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableMailTips.ps1 index 9be212169cdd..7d394216d155 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableMailTips.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableMailTips.ps1 @@ -31,10 +31,8 @@ function Invoke-CIPPStandardEnableMailTips { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnableMailTips' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnableMailTips' + $MailTipsState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig' | Select-Object MailTipsAllTipsEnabled, MailTipsExternalRecipientsTipsEnabled, MailTipsGroupMetricsEnabled, MailTipsLargeAudienceThreshold $StateIsCorrect = if ($MailTipsState.MailTipsAllTipsEnabled -and $MailTipsState.MailTipsExternalRecipientsTipsEnabled -and $MailTipsState.MailTipsGroupMetricsEnabled -and $MailTipsState.MailTipsLargeAudienceThreshold -eq $Settings.MailTipsLargeAudienceThreshold) { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableMailboxAuditing.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableMailboxAuditing.ps1 index ee6fbe74091f..b1b3231cc540 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableMailboxAuditing.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableMailboxAuditing.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardEnableMailboxAuditing { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnableMailboxAuditing' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnableMailboxAuditing' + $AuditState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').AuditDisabled if ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableOnlineArchiving.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableOnlineArchiving.ps1 index 7d6088574ac7..93c7ddf66366 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableOnlineArchiving.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnableOnlineArchiving.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardEnableOnlineArchiving { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnableOnlineArchiving' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnableOnlineArchiving' + $MailboxPlans = @( 'ExchangeOnline', 'ExchangeOnlineEnterprise' ) $MailboxesNoArchive = $MailboxPlans | ForEach-Object { New-ExoRequest -tenantid $Tenant -cmdlet 'Get-Mailbox' -cmdparams @{ MailboxPlan = $_; Filter = 'ArchiveGuid -Eq "00000000-0000-0000-0000-000000000000" -AND RecipientTypeDetails -Eq "UserMailbox"' } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnablePronouns.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnablePronouns.ps1 index 418ad5bac274..f2cbaa65ec75 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnablePronouns.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardEnablePronouns.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardEnablePronouns { #> param ($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'EnablePronouns' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'EnablePronouns' + $Uri = 'https://graph.microsoft.com/v1.0/admin/people/pronouns' try { $CurrentState = New-GraphGetRequest -Uri $Uri -tenantid $Tenant diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExConnector.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExConnector.ps1 index fa7367bcb62a..8b2e5d72ace4 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExConnector.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExConnector.ps1 @@ -4,10 +4,8 @@ function Invoke-CIPPStandardExConnector { Internal #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'ExConnector' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'ExConnector' + If ($Settings.remediate -eq $true) { $APINAME = 'Standards' diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExcludedfileExt.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExcludedfileExt.ps1 index 8a23ca7690cf..b548f9a84810 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExcludedfileExt.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExcludedfileExt.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardExcludedfileExt { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'ExcludedfileExt' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'ExcludedfileExt' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true $Exts = ($Settings.ext -replace ' ', '') -split ',' # Add a wildcard to the extensions since thats what the SP admin center does diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExternalMFATrusted.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExternalMFATrusted.ps1 index 409bf5754ee4..c149c8f0ba16 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExternalMFATrusted.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardExternalMFATrusted.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardExternalMFATrusted { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'ExternalMFATrusted' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'ExternalMFATrusted' + $ExternalMFATrusted = (New-GraphGetRequest -uri 'https://graph.microsoft.com/v1.0/policies/crossTenantAccessPolicy/default?$select=inboundTrust' -tenantid $Tenant) $WantedState = if ($Settings.state -eq 'true') { $true } else { $false } $StateMessage = if ($WantedState) { 'enabled' } else { 'disabled' } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardFocusedInbox.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardFocusedInbox.ps1 index 2d4c634da098..f992134f6ddd 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardFocusedInbox.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardFocusedInbox.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardFocusedInbox { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'FocusedInbox' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'FocusedInbox' + # Input validation if ([string]::IsNullOrWhiteSpace($Settings.state) -or $Settings.state -eq 'Select a value') { Write-LogMessage -API 'Standards' -tenant $tenant -message 'ExternalMFATrusted: Invalid state parameter set' -sev Error diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGlobalQuarantineNotifications.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGlobalQuarantineNotifications.ps1 index b3c0f2e3677d..6dd91fa3e18c 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGlobalQuarantineNotifications.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGlobalQuarantineNotifications.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardGlobalQuarantineNotifications { #> param ($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'GlobalQuarantineNotifications' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'GlobalQuarantineNotifications' + $CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-QuarantinePolicy' -cmdParams @{ QuarantinePolicyType = 'GlobalQuarantinePolicy' } # This might take the cake on ugly hacky stuff i've done, diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGroupTemplate.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGroupTemplate.ps1 index 9bfc40ddf4c5..e8a136607be1 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGroupTemplate.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardGroupTemplate.ps1 @@ -4,10 +4,8 @@ function Invoke-CIPPStandardGroupTemplate { Internal #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'GroupTemplate' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'GroupTemplate' + If ($Settings.remediate -eq $true) { foreach ($Template in $Settings.TemplateList) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 index 092b6b9e80b7..d4e6b908cd4a 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardIntuneTemplate.ps1 @@ -4,10 +4,8 @@ function Invoke-CIPPStandardIntuneTemplate { Internal #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'intuneTemplate' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'intuneTemplate' + If ($Settings.remediate -eq $true) { Write-Host 'starting template deploy' diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMailContacts.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMailContacts.ps1 index 58e475027907..71b37077e1dd 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMailContacts.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMailContacts.ps1 @@ -31,10 +31,8 @@ function Invoke-CIPPStandardMailContacts { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'MailContacts' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'MailContacts' + $TenantID = (New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/organization' -tenantid $tenant) $CurrentInfo = New-GraphGetRequest -Uri "https://graph.microsoft.com/beta/organization/$($TenantID.id)" -tenantid $Tenant $contacts = $settings diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMalwareFilterPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMalwareFilterPolicy.ps1 index 5f4ea071f423..de714d817b59 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMalwareFilterPolicy.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMalwareFilterPolicy.ps1 @@ -38,10 +38,8 @@ function Invoke-CIPPStandardMalwareFilterPolicy { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'MalwareFilterPolicy' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'MalwareFilterPolicy' + $PolicyName = 'Default Malware Policy' $CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-MalwareFilterPolicy' | diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMessageExpiration.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMessageExpiration.ps1 index f92e3e0391a0..26580e86fe71 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMessageExpiration.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardMessageExpiration.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardMessageExpiration { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'MessageExpiration' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'MessageExpiration' + $MessageExpiration = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-TransportConfig').messageExpiration If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 index b09e311a3e5f..9f0d11665a86 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardNudgeMFA.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardNudgeMFA { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'NudgeMFA' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'NudgeMFA' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy' -tenantid $Tenant $State = if ($CurrentInfo.registrationEnforcement.authenticationMethodsRegistrationCampaign.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsent.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsent.ps1 index 8b7add9bfd97..bebad174b028 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsent.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsent.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardOauthConsent { #> param($tenant, $settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'OauthConsent' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'OauthConsent' + $State = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy' -tenantid $tenant $StateIsCorrect = if ($State.permissionGrantPolicyIdsAssignedToDefaultUserRole -eq 'managePermissionGrantsForSelf.cipp-consent-policy') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsentLowSec.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsentLowSec.ps1 index a0a75ebdb2a7..a07874b16692 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsentLowSec.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOauthConsentLowSec.ps1 @@ -26,10 +26,8 @@ function Invoke-CIPPStandardOauthConsentLowSec { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'OauthConsentLowSec' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'OauthConsentLowSec' + $State = (New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy' -tenantid $tenant) If ($Settings.remediate -eq $true) { try { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOutBoundSpamAlert.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOutBoundSpamAlert.ps1 index 1b076ebdfdbe..6835c5addcbb 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOutBoundSpamAlert.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardOutBoundSpamAlert.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardOutBoundSpamAlert { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'OutBoundSpamAlert' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'OutBoundSpamAlert' + $CurrentInfo = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-HostedOutboundSpamFilterPolicy' -useSystemMailbox $true If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPWcompanionAppAllowedState.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPWcompanionAppAllowedState.ps1 index 73a32bd56da8..7d1cd2a7b866 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPWcompanionAppAllowedState.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPWcompanionAppAllowedState.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardPWcompanionAppAllowedState { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'PWcompanionAppAllowedState' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'PWcompanionAppAllowedState' + $authenticatorFeaturesState = (New-GraphGetRequest -tenantid $tenant -Uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/microsoftAuthenticator' -Type GET) $authstate = if ($authenticatorFeaturesState.featureSettings.companionAppAllowedState.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPWdisplayAppInformationRequiredState.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPWdisplayAppInformationRequiredState.ps1 index a8e24f20bb92..7cd75da2ed8a 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPWdisplayAppInformationRequiredState.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPWdisplayAppInformationRequiredState.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardPWdisplayAppInformationRequiredState { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'PWdisplayAppInformationRequiredState' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'PWdisplayAppInformationRequiredState' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/microsoftAuthenticator' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPasswordExpireDisabled.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPasswordExpireDisabled.ps1 index 83544437e0d7..cfc808510b56 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPasswordExpireDisabled.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPasswordExpireDisabled.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardPasswordExpireDisabled { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'PasswordExpireDisabled' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'PasswordExpireDisabled' + $GraphRequest = New-GraphGetRequest -uri 'https://graph.microsoft.com/v1.0/domains' -tenantid $Tenant $DomainswithoutPassExpire = $GraphRequest | Where-Object -Property passwordValidityPeriodInDays -NE '2147483647' diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPerUserMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPerUserMFA.ps1 index 3f5056472cff..60f6530c24a1 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPerUserMFA.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPerUserMFA.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardPerUserMFA { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'PerUserMFA' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'PerUserMFA' + $GraphRequest = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/users?`$top=999&`$select=UserPrincipalName,accountEnabled" -scope 'https://graph.microsoft.com/.default' -tenantid $Tenant | Where-Object { $_.AccountEnabled -EQ $true } $int = 0 diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPhishProtection.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPhishProtection.ps1 index 6a70473d21af..7ec300bccb70 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPhishProtection.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardPhishProtection.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardPhishProtection { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'PhishProtection' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'PhishProtection' + $TenantId = Get-Tenants | Where-Object -Property defaultDomainName -EQ $tenant try { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardQuarantineRequestAlert.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardQuarantineRequestAlert.ps1 index 9811398d94bc..ed6aac5075a2 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardQuarantineRequestAlert.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardQuarantineRequestAlert.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardQuarantineRequestAlert { #> param ($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'QuarantineRequestAlert' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'QuarantineRequestAlert' + $PolicyName = 'CIPP User requested to release a quarantined message' $CurrentState = New-ExoRequest -TenantId $Tenant -cmdlet 'Get-ProtectionAlert' -Compliance | diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardRotateDKIM.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardRotateDKIM.ps1 index d85e82d5cc4a..18793df919ae 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardRotateDKIM.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardRotateDKIM.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardRotateDKIM { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'RotateDKIM' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'RotateDKIM' + $DKIM = (New-ExoRequest -tenantid $tenant -cmdlet 'Get-DkimSigningConfig') | Where-Object { $_.Selector1KeySize -Eq 1024 -and $_.Enabled -eq $true } If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPAzureB2B.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPAzureB2B.ps1 index 0bac98eaa058..b80eca166782 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPAzureB2B.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPAzureB2B.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardSPAzureB2B { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SPAzureB2B' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SPAzureB2B' + $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant | Select-Object -Property EnableAzureADB2BIntegration diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDirectSharing.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDirectSharing.ps1 index 2eb45acd6a9c..fb6cb7ea00a9 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDirectSharing.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDirectSharing.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardSPDirectSharing { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SPDirectSharing' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SPDirectSharing' + $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant | Select-Object -Property DefaultSharingLinkType diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDisableLegacyWorkflows.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDisableLegacyWorkflows.ps1 index 506920efe368..81b5f2671044 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDisableLegacyWorkflows.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDisableLegacyWorkflows.ps1 @@ -26,10 +26,8 @@ function Invoke-CIPPStandardSPDisableLegacyWorkflows { https://docs.cipp.app/user-documentation/tenant/standards/edit-standards #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SPDisableLegacyWorkflows' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SPDisableLegacyWorkflows' + $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant | Select-Object -Property * diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDisallowInfectedFiles.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDisallowInfectedFiles.ps1 index a89913ba17d1..49bc1783f246 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDisallowInfectedFiles.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPDisallowInfectedFiles.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardSPDisallowInfectedFiles { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SPDisallowInfectedFiles' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SPDisallowInfectedFiles' + $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant | Select-Object -Property DisallowInfectedFileDownload diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPEmailAttestation.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPEmailAttestation.ps1 index 848634e16fdd..bee110b24634 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPEmailAttestation.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPEmailAttestation.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardSPEmailAttestation { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SPEmailAttestation' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SPEmailAttestation' + $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant | Select-Object -Property EmailAttestationReAuthDays, EmailAttestationRequired diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPExternalUserExpiration.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPExternalUserExpiration.ps1 index f442447d5d6f..05ae3e5655c3 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPExternalUserExpiration.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPExternalUserExpiration.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardSPExternalUserExpiration { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SPExternalUserExpiration' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SPExternalUserExpiration' + $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant | Select-Object -Property ExternalUserExpireInDays, ExternalUserExpirationRequired diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPSyncButtonState.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPSyncButtonState.ps1 index 4feaf1fff96a..148792c1e5ee 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPSyncButtonState.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSPSyncButtonState.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardSPSyncButtonState { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SPSyncButtonState' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SPSyncButtonState' + $CurrentState = Get-CIPPSPOTenant -TenantFilter $Tenant | Select-Object _ObjectIdentity_, TenantFilter, HideSyncButtonOnDocLib $WantedState = [System.Convert]::ToBoolean($Settings.state) $StateIsCorrect = if ($CurrentState.HideSyncButtonOnDocLib -eq $WantedState) { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeAttachmentPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeAttachmentPolicy.ps1 index f0a16d502961..40d6424a03a8 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeAttachmentPolicy.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeAttachmentPolicy.ps1 @@ -36,10 +36,8 @@ function Invoke-CIPPStandardSafeAttachmentPolicy { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SafeAttachmentPolicy' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SafeAttachmentPolicy' + $PolicyName = 'Default Safe Attachment Policy' $CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-SafeAttachmentPolicy' | diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeLinksPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeLinksPolicy.ps1 index bbdbb0252121..6fe378e21140 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeLinksPolicy.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeLinksPolicy.ps1 @@ -34,10 +34,8 @@ function Invoke-CIPPStandardSafeLinksPolicy { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SafeLinksPolicy' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SafeLinksPolicy' + $PolicyName = 'Default SafeLinks Policy' $CurrentState = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-SafeLinksPolicy' | diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeSendersDisable.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeSendersDisable.ps1 index 7b87b6857a35..db89dc6bca4d 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeSendersDisable.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSafeSendersDisable.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardSafeSendersDisable { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SafeSendersDisable' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SafeSendersDisable' + If ($Settings.remediate -eq $true) { try { $Mailboxes = New-ExoRequest -tenantid $Tenant -cmdlet 'Get-Mailbox' -select 'UserPrincipalName' diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSecurityDefaults.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSecurityDefaults.ps1 index 5763840e6ed6..0278b4c0d802 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSecurityDefaults.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSecurityDefaults.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardSecurityDefaults { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SecurityDefaults' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SecurityDefaults' + $SecureDefaultsState = (New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/identitySecurityDefaultsEnforcementPolicy' -tenantid $tenant) If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSendFromAlias.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSendFromAlias.ps1 index 1302206c956a..9f935c23c488 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSendFromAlias.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSendFromAlias.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardSendFromAlias { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SendFromAlias' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SendFromAlias' + $CurrentInfo = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').SendFromAliasEnabled If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSendReceiveLimitTenant.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSendReceiveLimitTenant.ps1 index de4e2464e1cf..7b1c48278d16 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSendReceiveLimitTenant.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSendReceiveLimitTenant.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardSendReceiveLimitTenant { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SendReceiveLimitTenant' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SendReceiveLimitTenant' + # Input validation if ([Int32]$Settings.SendLimit -lt 1 -or [Int32]$Settings.SendLimit -gt 150) { Write-LogMessage -API 'Standards' -tenant $tenant -message 'SendReceiveLimitTenant: Invalid SendLimit parameter set' -sev Error diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardShortenMeetings.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardShortenMeetings.ps1 index 5213b54c2564..12768222b180 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardShortenMeetings.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardShortenMeetings.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardShortenMeetings { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'ShortenMeetings' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'ShortenMeetings' + # Input validation if ([Int32]$Settings.DefaultMinutesToReduceShortEventsBy -lt 0 -or [Int32]$Settings.DefaultMinutesToReduceShortEventsBy -gt 29) { Write-LogMessage -API 'Standards' -tenant $tenant -message 'Invalid shorten meetings settings specified. DefaultMinutesToReduceShortEventsBy must be an integer between 0 and 29' -sev Error diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpamFilterPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpamFilterPolicy.ps1 index a210afd440f6..979f5b5fef75 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpamFilterPolicy.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpamFilterPolicy.ps1 @@ -37,10 +37,8 @@ function Invoke-CIPPStandardSpamFilterPolicy { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SpamFilterPolicy' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SpamFilterPolicy' + $PolicyName = 'CIPP Default Spam Filter Policy' $CurrentState = New-ExoRequest -TenantId $Tenant -cmdlet 'Get-HostedContentFilterPolicy' | diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpoofWarn.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpoofWarn.ps1 index cffeac3f5c1a..e28fa5a7f84d 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpoofWarn.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardSpoofWarn.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardSpoofWarn { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'SpoofWarn' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'SpoofWarn' + $CurrentInfo = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-ExternalInOutlook') if ($Settings.report -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1 index c230deb5e412..eed73d9831ce 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTAP.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardTAP { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TAP' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TAP' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/policies/authenticationmethodspolicy/authenticationMethodConfigurations/TemporaryAccessPass' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsEmailIntegration.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsEmailIntegration.ps1 index 56e80da3460e..143a812f7907 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsEmailIntegration.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsEmailIntegration.ps1 @@ -29,10 +29,8 @@ Function Invoke-CIPPStandardTeamsEmailIntegration { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TeamsEmailIntegration' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TeamsEmailIntegration' + $CurrentState = New-TeamsRequest -TenantFilter $Tenant -Cmdlet 'Get-CsTeamsClientConfiguration' -CmdParams @{Identity = 'Global' } | Select-Object AllowEmailIntoChannel diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsExternalAccessPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsExternalAccessPolicy.ps1 index 506facc954af..ccea2e06907a 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsExternalAccessPolicy.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsExternalAccessPolicy.ps1 @@ -30,10 +30,8 @@ Function Invoke-CIPPStandardTeamsExternalAccessPolicy { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TeamsExternalAccessPolicy' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TeamsExternalAccessPolicy' + $CurrentState = New-TeamsRequest -TenantFilter $Tenant -Cmdlet 'Get-CsExternalAccessPolicy' -CmdParams @{Identity = 'Global' } | Select-Object * diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsExternalFileSharing.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsExternalFileSharing.ps1 index b3a9de0a4ae9..3936c8012c94 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsExternalFileSharing.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsExternalFileSharing.ps1 @@ -33,10 +33,8 @@ Function Invoke-CIPPStandardTeamsExternalFileSharing { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TeamsExternalFileSharing' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TeamsExternalFileSharing' + $CurrentState = New-TeamsRequest -TenantFilter $Tenant -Cmdlet 'Get-CsTeamsClientConfiguration' | Select-Object AllowGoogleDrive, AllowShareFile, AllowBox, AllowDropBox, AllowEgnyte diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsFederationConfiguration.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsFederationConfiguration.ps1 index 0f9ba79fe38e..305db61e3761 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsFederationConfiguration.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsFederationConfiguration.ps1 @@ -31,10 +31,8 @@ Function Invoke-CIPPStandardTeamsFederationConfiguration { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TeamsFederationConfiguration' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TeamsFederationConfiguration' + $CurrentState = New-TeamsRequest -TenantFilter $Tenant -Cmdlet 'Get-CsTenantFederationConfiguration' -CmdParams @{Identity = 'Global' } | Select-Object * diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsGlobalMeetingPolicy.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsGlobalMeetingPolicy.ps1 index 311efe3ff3cd..39879ae511dc 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsGlobalMeetingPolicy.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsGlobalMeetingPolicy.ps1 @@ -27,10 +27,8 @@ Function Invoke-CIPPStandardTeamsGlobalMeetingPolicy { .LINK https://docs.cipp.app/user-documentation/tenant/standards/edit-standards #> - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TeamsGlobalMeetingPolicy' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TeamsGlobalMeetingPolicy' + param($Tenant, $Settings) $CurrentState = New-TeamsRequest -TenantFilter $Tenant -Cmdlet 'Get-CsTeamsMeetingPolicy' -CmdParams @{Identity = 'Global' } | Select-Object AllowAnonymousUsersToJoinMeeting, AllowAnonymousUsersToStartMeeting, AutoAdmittedUsers, AllowPSTNUsersToBypassLobby, MeetingChatEnabledType, DesignatedPresenterRoleMode, AllowExternalParticipantGiveRequestControl diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsMeetingsByDefault.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsMeetingsByDefault.ps1 index 519a9897231b..c7736ed804f9 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsMeetingsByDefault.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTeamsMeetingsByDefault.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardTeamsMeetingsByDefault { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TeamsMeetingsByDefault' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TeamsMeetingsByDefault' + $CurrentState = (New-ExoRequest -tenantid $Tenant -cmdlet 'Get-OrganizationConfig').OnlineMeetingsByDefaultEnabled $WantedState = if ($Settings.state -eq 'true') { $true } else { $false } $StateIsCorrect = if ($CurrentState -eq $WantedState) { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTenantDefaultTimezone.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTenantDefaultTimezone.ps1 index 7d19dfbe8574..9f3fdd0deadf 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTenantDefaultTimezone.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTenantDefaultTimezone.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardTenantDefaultTimezone { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TenantDefaultTimezone' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TenantDefaultTimezone' + $CurrentState = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true $ExpectedTimezone = $Settings.Timezone.value $StateIsCorrect = $CurrentState.tenantDefaultTimezone -eq $ExpectedTimezone diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTransportRuleTemplate.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTransportRuleTemplate.ps1 index dd95093d1b14..b44764124031 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTransportRuleTemplate.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardTransportRuleTemplate.ps1 @@ -4,10 +4,8 @@ function Invoke-CIPPStandardTransportRuleTemplate { Internal #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'TransportRuleTemplate' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'TransportRuleTemplate' + If ($Settings.remediate -eq $true) { foreach ($Template in $Settings.TemplateList) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardUndoOauth.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardUndoOauth.ps1 index 997109f25ec4..f76330942c76 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardUndoOauth.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardUndoOauth.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardUndoOauth { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'UndoOauth' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'UndoOauth' + $CurrentState = New-GraphGetRequest -tenantid $Tenant -Uri 'https://graph.microsoft.com/beta/policies/authorizationPolicy/authorizationPolicy?$select=permissionGrantPolicyIdsAssignedToDefaultUserRole' $State = if ($CurrentState.permissionGrantPolicyIdsAssignedToDefaultUserRole -eq 'ManagePermissionGrantsForSelf.microsoft-user-default-legacy') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardUserSubmissions.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardUserSubmissions.ps1 index 855fc6821e2f..a2543cb3abb9 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardUserSubmissions.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardUserSubmissions.ps1 @@ -29,10 +29,8 @@ function Invoke-CIPPStandardUserSubmissions { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'UserSubmissions' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'UserSubmissions' + # Input validation if ($Settings.remediate -eq $true -or $Settings.alert -eq $true) { if (!($Settings.state -eq 'enable' -or $Settings.state -eq 'disable')) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardallowOAuthTokens.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardallowOAuthTokens.ps1 index e8a8670c3068..bf8077378cb0 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardallowOAuthTokens.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardallowOAuthTokens.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardallowOAuthTokens { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -API 'AddDKIM' -Settings $Settings - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun -Type Standard -Tenant $Tenant -API 'AddDKIM' -Settings $Settings + $CurrentInfo = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/softwareOath' -tenantid $Tenant $State = if ($CurrentInfo.state -eq 'enabled') { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardallowOTPTokens.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardallowOTPTokens.ps1 index 650a36ac8e9f..925d836a3f9c 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardallowOTPTokens.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardallowOTPTokens.ps1 @@ -28,9 +28,7 @@ function Invoke-CIPPStandardallowOTPTokens { param($Tenant, $Settings) $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -API 'allowOTPTokens' -Settings $Settings - if ($Rerun -eq $true) { - exit 0 - } + $CurrentInfo = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/authenticationMethodsPolicy/authenticationMethodConfigurations/microsoftAuthenticator' -tenantid $Tenant If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 index fa718abb7053..c3348c0f489e 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardcalDefault.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardcalDefault { #> param($Tenant, $Settings, $QueueItem) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'calDefault' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'calDefault' + # Input validation if ([string]::IsNullOrWhiteSpace($Settings.permissionlevel) -or $Settings.permissionlevel -eq 'Select a value') { Write-LogMessage -API 'Standards' -tenant $tenant -message 'calDefault: Invalid permissionlevel parameter set' -sev Error diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandarddisableMacSync.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandarddisableMacSync.ps1 index b6de6a7ffb08..c7823d01d0ff 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandarddisableMacSync.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandarddisableMacSync.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandarddisableMacSync { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'disableMacSync' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'disableMacSync' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneBrandingProfile.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneBrandingProfile.ps1 index d0fcb5df521c..9740456b4f5d 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneBrandingProfile.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneBrandingProfile.ps1 @@ -37,10 +37,8 @@ function Invoke-CIPPStandardintuneBrandingProfile { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'intuneBrandingProfile' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'intuneBrandingProfile' + $CurrentState = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/deviceManagement/intuneBrandingProfiles/c3a59481-1bf2-46ce-94b3-66eec07a8d60/' -tenantid $Tenant -AsApp $true $StateIsCorrect = ((-not $Settings.displayName) -or ($CurrentState.displayName -eq $Settings.displayName)) -and diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceReg.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceReg.ps1 index f22355187f23..d215bdee71a3 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceReg.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceReg.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardintuneDeviceReg { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'intuneDeviceReg' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'intuneDeviceReg' + $PreviousSetting = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/deviceRegistrationPolicy' -tenantid $Tenant $StateIsCorrect = if ($PreviousSetting.userDeviceQuota -eq $Settings.max) { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceRetirementDays.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceRetirementDays.ps1 index 335472f39d05..1ba1715c6a76 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceRetirementDays.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneDeviceRetirementDays.ps1 @@ -28,10 +28,8 @@ function Invoke-CIPPStandardintuneDeviceRetirementDays { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'intuneDeviceRetirementDays' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'intuneDeviceRetirementDays' + $CurrentInfo = (New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/deviceManagement/managedDeviceCleanupSettings' -tenantid $Tenant) $StateIsCorrect = if ($PreviousSetting.DeviceInactivityBeforeRetirementInDays -eq $Settings.days) { $true } else { $false } diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 index 45690be4aab5..625e3ffd5776 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardintuneRequireMFA.ps1 @@ -26,10 +26,8 @@ function Invoke-CIPPStandardintuneRequireMFA { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'intuneRequireMFA' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'intuneRequireMFA' + $PreviousSetting = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/deviceRegistrationPolicy' -tenantid $Tenant If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardlaps.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardlaps.ps1 index 8d0d8ea8683f..3f79203b66a6 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardlaps.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardlaps.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardlaps { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'laps' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'laps' + $PreviousSetting = New-GraphGetRequest -uri 'https://graph.microsoft.com/beta/policies/deviceRegistrationPolicy' -tenantid $Tenant If ($Settings.remediate -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardsharingCapability.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardsharingCapability.ps1 index 337b7dc02b8b..324f85838fa5 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardsharingCapability.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardsharingCapability.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardsharingCapability { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'sharingCapability' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'sharingCapability' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true if ($Settings.report -eq $true) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardsharingDomainRestriction.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardsharingDomainRestriction.ps1 index 199dd9bde828..4e3dfec988c9 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardsharingDomainRestriction.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardsharingDomainRestriction.ps1 @@ -30,10 +30,8 @@ function Invoke-CIPPStandardsharingDomainRestriction { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'sharingDomainRestriction' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'sharingDomainRestriction' + $CurrentState = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true if ($Settings.Mode -eq 'none' -or $null -eq $Settings.Mode) { diff --git a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardunmanagedSync.ps1 b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardunmanagedSync.ps1 index e352b3372fb0..273aaad50ce3 100644 --- a/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardunmanagedSync.ps1 +++ b/Modules/CIPPCore/Public/Standards/Invoke-CIPPStandardunmanagedSync.ps1 @@ -27,10 +27,8 @@ function Invoke-CIPPStandardunmanagedSync { #> param($Tenant, $Settings) - $Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings -API 'unmanagedSync' - if ($Rerun -eq $true) { - exit 0 - } + #$Rerun = Test-CIPPRerun -Type Standard -Tenant $Tenant -Settings $Settings 'unmanagedSync' + $CurrentInfo = New-GraphGetRequest -Uri 'https://graph.microsoft.com/beta/admin/sharepoint/settings' -tenantid $Tenant -AsApp $true If ($Settings.remediate -eq $true) {